<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<h2> DNSChef包装说明</h2><p style="text-align: justify;"> DNSChef是渗透测试和恶意软件分析师高度可配置的DNS代理。 DNS代理（又名“假DNS”）是用于在其他用途​​的应用程序的网络流量分析的工具。例如，DNS代理，可用于为“badguy.com”虚假请求指向本地计算机终止或拦截，而不是一台真实主机的某个地方在互联网上。 </p><p>有几个DNS代理那里。大多数人会简单地指向所有DNS查询一个单独的IP地址或只实现基本的过滤。 DNSChef被开发作为渗透测试，那里有一个需要一种更可配置系统的一部分。这样一来，DNSChef是跨平台的应用程序能够基于包容性和排他性域列表锻造的响应，支持多个DNS记录类型，匹配的域使用通配符，进行代理的不匹配域的真实反应，定义外部配置文件，IPv6和许多其他功能的。你可以找到每个功能的详细解释，并建议采用以下。 </p><p>利用DNS代理的建议中的情况下，不可能给力的应用程序能够直接使用的一些其他代理服务器。例如，一些移动应用完全忽略操作系统的HTTP代理设置。在这种情况下，使用DNS代理服务器，如DNSChef可以让你欺骗该应用程序为转发连接到期望的目的地。 </p><p>资料来源：http://thesprawl.org/projects/dnschef/ <br> <a href="http://thesprawl.org/projects/dnschef/" variation="deepblue" target="blank">DNSChef首页</a> | <a href="http://git.kali.org/gitweb/?p=packages/dnschef.git;a=summary" variation="deepblue" target="blank">卡利DNSChef回购</a> </p><ul><li>作者：iphelix </li><li>许可：GPLv3的</li></ul><h3>包含在dnschef包工具</h3><h5> dnschef - 渗透测试DNS代理</h5><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="fd8f929289bd969c9194">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# dnschef -h<br>
Usage: dnschef.py [options]:<br>
          _                _          __<br>
         | | version 0.1  | |        / _|<br>
       __| |_ __  ___  ___| |__   ___| |_<br>
      / _` | '_ \/ __|/ __| '_ \ / _ \  _|<br>
     | (_| | | | \__ \ (__| | | |  __/ |<br>
      \__,_|_| |_|___/\___|_| |_|\___|_|<br>
                  <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="16d4b67f667e737a7f6e56627e7365666477617a38796471">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script><br>
<br>
<br>
DNSChef is a highly configurable DNS Proxy for Penetration Testers and Malware<br>
Analysts. It is capable of fine configuration of which DNS replies to modify<br>
or to simply proxy with real responses. In order to take advantage of the tool<br>
you must either manually configure or poison DNS server entry to point to<br>
DNSChef. The tool requires root privileges to run.<br>
<br>
Options:<br>
  -h, --help            show this help message and exit<br>
  --fakeip=192.168.1.100<br>
                        IP address to use for matching DNS queries. If you use<br>
                        this parameter without specifying domain names, then<br>
                        all queries will be spoofed. Consider using --file<br>
                        argument if you need to define more than one IP<br>
                        address.<br>
  --fakedomains=thesprawl.org,google.com<br>
                        A comma separated list of domain names which will be<br>
                        resolved to a FAKE value specified in the --ip<br>
                        parameter. All other domain names will be resolved to<br>
                        their true values.<br>
  --truedomains=thesprawl.org,google.com<br>
                        A comma separated list of domain names which will be<br>
                        resolved to their TRUE values. All other domain names<br>
                        will be resolved to a fake value specified in the --ip<br>
                        parameter.<br>
  --nameservers=4.2.2.1,4.2.2.2<br>
                        A comma separated list of alternative DNS servers to<br>
                        use with proxied requests. A randomly selected server<br>
                        from the list will be used for proxy requests. By<br>
                        default, the tool uses Google's public DNS server<br>
                        8.8.8.8.<br>
  --file=FILE           Specify a file containing a list of DOMAIN=IP pairs<br>
                        (one pair per line) used for DNS responses. For<br>
                        example: google.com=1.1.1.1 will force all queries to<br>
                        'google.com' to be resolved to '1.1.1.1'. You can be<br>
                        even more specific by combining --file with other<br>
                        arguments. However, data obtained from the file will<br>
                        take precedence over others.<br>
  --interface=0.0.0.0   Define an interface to use for the DNS listener. For<br>
                        example, use 127.0.0.1 to listen for only requests<br>
                        coming from a loopback device.<br>
  --tcp                 Use TCP DNS proxy instead of the default UDP.<br>
  -q, --quiet           Don't show headers.</code><h3> dnschef用法示例</h3><code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="40322f2f34002b212c29">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# dnschef <br>
          _                _          __  <br>
         | | version 0.1  | |        / _| <br>
       __| |_ __  ___  ___| |__   ___| |_ <br>
      / _` | '_ \/ __|/ __| '_ \ / _ \  _|<br>
     | (_| | | | \__ \ (__| | | |  __/ |  <br>
      \__,_|_| |_|___/\___|_| |_|\___|_|  <br>
                  <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="ae6c0ec7dec6cbc2c7d6eedac6cbdddedccfd9c280c1dcc9">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>  <br>
<br>
[*] DNS Chef started on interface: 127.0.0.1 <br>
[*] Using the following nameservers: 8.8.8.8<br>
[*] No parameters were specified. Running in full proxy mode</code><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
